Computer Worm Forces Hospitals to Turn Away Patients

Below:

Next story in Security

A damaging, fast-spreading computer bug forced an Atlanta-area
hospital system to shut its doors for nearly three days last week
and divert ambulances to other facilities.

Gwinnett Medical Center's two campuses, in Lawrenceville and
Duluth, Ga., were forced to declare "total diversion" status and
turn away all but extreme trauma cases beginning Dec. 7, when the
hospital's IT department detected malware on its network.

Gwinnett Medical Center spokeswoman Beth Okun told Atlanta's
WSB-TV Channel 2 that the malware disabled computer
connectivity within the two facilities, meaning staff had to run
papers from station to station rather than sending them over the
network. The bug hampered several departments, including
radiology, pharmacy and labs.

Okun and local media reported the malware as a "virus," but it
seems more likely that it was a worm, since a virus needs human
intervention to replicate and would not have spread through an
organization's entire computer system so quickly.

Okun said the malware affected connectivity only, and did not
compromise medical records or affect
patient care "in any way, shape or form." She said the
hospital did not know how the malware got into the system.

Gwinnett Medical Center's network became stable again at 3 p.m.
on Friday (Dec. 9), and began accepting patients the following
day.

This is not the first time a computer bug has caused chaos in the
medical field: Last month, a virus took out the automated
in-vehicle response systems of a
New Zealand ambulance company, leaving drivers in the dark
about the emergency calls to which they were responding.

Sophos' Chet Wisniewski noted that hospitals and other medical
facilities are caught between a rock and a hard place when it
comes to computer security.

"Many medical devices now hook into hospital networks for
monitoring, alerting, logging and reporting," he said in a blog posting. "These devices
often run commodity operating systems (read: Windows) and the
vendors prohibit applying patches to them. They will not
guarantee the device will operate correctly if it is patched,
leaving medical facilities in a very difficult position."